Basically what I want is a configuration option that allows me to specify the preferred transport protocol, something like:
forwarder: <blash> prefer TCP;
or tcp-forwarder: <blah>
or udp-forwarder: <blah>
The reason for this is that forwarders close to the edge send bursts of queries and then go silent; thus, if the burst is sent over TCP, the overhead of setting up and closing the TCP connection is amortized.
The forwarder should close the TCP connection after going silent for a short time (10 seconds?) or just leave the closing of the connection to the server.
> Basically what I want is a configuration option that allows me to
> specify the preferred transport protocol, something like: forwarder:
> <blash> prefer TCP; or tcp-forwarder: <blah> or udp-forwarder:
> <blah>
Such detailed config is not available. Did you know the following
option is already implemented?
tcp-upstream: yes
If you set this, all communication with upstream (whether forwarding
or not forwarding) is done over TCP. You can also add config as a
forwarder, and thus have TCP forwarding.
If you are really paranoid, you can even use SSL-wrapped transport
with unbound, but this is trickier to set up (and it does not do
actual X509 PKI checks, just encapsulates the traffic).
> > Basically what I want is a configuration option that allows me to
> > specify the preferred transport protocol, something like: forwarder:
> > <blash> prefer TCP; or tcp-forwarder: <blah> or udp-forwarder:
> > <blah>
> Such detailed config is not available. Did you know the following
> option is already implemented?
> tcp-upstream: yes
I will try that one, and see what else breaks.
> If you set this, all communication with upstream (whether forwarding
> or not forwarding) is done over TCP. You can also add config as a
> forwarder, and thus have TCP forwarding.
> If you are really paranoid, you can even use SSL-wrapped transport
> with unbound, but this is trickier to set up (and it does not do
> actual X509 PKI checks, just encapsulates the traffic).
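
The setup described in the reply above (tcp-upstream combined with a forwarder), written out as an unbound.conf fragment. This is an added example, not configuration posted by anyone in the thread; 192.0.2.53 is a placeholder from the documentation address range, and forwarding the root zone "." is an assumption.

```conf
# unbound.conf fragment (added example; the address below is a placeholder)
server:
    # Send every upstream query over TCP instead of UDP. The setting is
    # global: it covers forwarded queries and queries sent directly to
    # authoritative servers alike. There is no per-forwarder preference.
    tcp-upstream: yes

forward-zone:
    # "." forwards all names to the upstream resolver listed here.
    name: "."
    forward-addr: 192.0.2.53
```

Running unbound-checkconf on the file validates the syntax before the resolver is restarted.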